Logo
MITRE

Sr. InfoSec Operations Analyst

MITRE, Mc Lean, Virginia, us, 22107


Why choose between doing meaningful work and having a fulfilling life? At MITRE, you can have both. That's because MITRE people are committed to tackling our nation's toughest challenges—and we're committed to the long-term well-being of our employees. MITRE is different from most technology companies. We are a not-for-profit corporation chartered to work for the public interest, with no commercial conflicts to influence what we do. The R&D centers we operate for the government create lasting impact in fields as diverse as cybersecurity, healthcare, aviation, defense, and enterprise transformation. We're making a difference every day—working for a safer, healthier, and more secure nation and world. Our workplace reflects our values. We offer competitive benefits, exceptional professional development opportunities, and a culture of innovation that embraces diversity, inclusion, flexibility, collaboration, and career growth. If this sounds like the choice you want to make, then choose MITRE—and make a difference with us.MITRE’s Information Security department seeks an Operations Analyst to respond to and investigate cyber security incidents within the organization. This position offers a challenging opportunity to be exposed to a diverse set of security disciplines, including incident response, forensics, reverse engineering, malware analysis, intrusion detection, network security, and system security. MITRE has long been a source of cyber security innovation and continues to seek dedicated and talented individuals.Roles & Responsibilities:Respond to security alerts, investigate for signs of compromise and react accordingly.Track and document security events and incidents in a ticketing system.Analyze log data for signs of malicious activity in a SIEM.Develop new analytics and apply mitigations for adversary Tactics, Techniques, and Procedures (TTPs).Automate workflows in a SOAR tool.Hunt for undetected indicators of compromise.Develop new ways to use existing data to identify malicious activity.Perform Incident Response actions such as forensics, memory analysis, etc.Basic Qualifications:Typically requires a minimum of 5 years of related experience with a Bachelor’s degree; or 3 years and a Master’s degree; or a PhD with relevant experience who can immediately contribute at this job step; or equivalent combination of related education and work experience.Must be detail oriented and able to consistently follow incident investigation process.Must have good analytical, written, verbal, and interpersonal communication skills.Must be able to work well as part of a team and be self-motivated to work on individual projects.Must have prior experience with cloud monitoring and response or analytic development in at least one major cloud provider’s environment (AWS, Azure, or GCP).Must have prior hands-on experience analyzing and responding to cyber events, including network, endpoint, server and cloud.Must have prior hands-on experience with threat hunting.This position requires a minimum of 50% hybrid on-site.Preferred Qualifications:Applied knowledge of Cyber Security concepts.Familiarity with Linux, Mac, and Windows Operating Systems.An in-depth understanding of TCP/IP network protocols and application layer protocols (e.g., HTTP, SMTP, DNS, etc.).Experience analyzing adversary tactics, techniques, and procedures (TTPs) and developing defenses and/or detections for them.Scripting experience, preferably with Python.Experience with Splunk or Elastic Search.Hands-on cloud incident response experience.Works well independently and with the team.Technical leadership skills.Solves complex problems.Adaptability to new tools, architectures, and policies.Prior experience with network, host, and memory forensics.This requisition requires the candidate to have a minimum of the following clearance(s):NoneThis requisition requires the hired candidate to have or obtain, within one year from the date of hire, the following clearance(s):SecretWork Location Type:HybridMITRE is proud to be an equal opportunity employer. MITRE recruits, employs, trains, compensates, and promotes regardless of age; ancestry; color; family medical or genetic information; gender identity and expression; marital, military, or veteran status; national and ethnic origin; physical or mental disability; political affiliation; pregnancy; race; religion; sex; sexual orientation; and any other protected characteristics.

#J-18808-Ljbffr